Slashdot Mirror

← Back to Stories (view on slashdot.org)

New Zero-Day Vulnerability Found In Adobe Flash Player (gbhackers.com)

Posted by BeauHD on from the out-in-the-wild dept.

GBHackers On Cyber Security and an anonymous Slashdot reader have shared a story about a new zero-day vulnerability found in Adobe's Flash Player. Bleeping Computer reports: South Korean authorities have issued a warning regarding a brand new Flash zero-day deployed in the wild. According to a security alert issued by the South Korean Computer Emergency Response Team (KR-CERT), the zero-day affects Flash Player installs 28.0.0.137 and earlier. Flash 28.0.0.137 is the current Flash version number.

"An attacker can persuade users to open Microsoft Office documents, web pages, spam e-mails, etc. that contain Flash files that distribute the malicious [Flash] code," KR-CERT said. The malicious code is believed to be a Flash SWF file embedded in MS Word documents. Simon Choi, a security researcher with Hauri Inc., a South Korean security firm, says the zero-day has been made and deployed by North Korean threat actors and used since mid-November 2017. Choi says attackers are trying to infect South Koreans researching North Korea. Adobe said it plans to patch this zero-day on Monday, February 5.

13 of 87 comments (clear)

  1. Again... by JaredOfEuropa · · Score: 5, Informative

    I treat Flash itself as potential malware, and consider it to be compromised at all times. Thankfully, these days you hardly ever need it anymore.

    --
    If construction was anything like programming, an incorrectly fitted lock would bring down the entire building...
    1. Re:Again... by ChunderDownunder · · Score: 2

      IIRC, non-MS programs can't see the system copy, i.e. Firefox. Google Chrome sandboxes its own installation.

  2. There are _still_ people using Flash Player? by gweihir · · Score: 2

    Talk about having a death-wish...

    --
    Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
    1. Re:There are _still_ people using Flash Player? by jonwil · · Score: 4, Informative

      There are still streaming video sites out there that need Flash.
      Including the iView catch-up TV site for the Australian ABC (national government-run broadcaster) which refuses to work without Flash on my Windows 7 PC using any of the browsers I have (including Internet Exploder and Mozilla SeaMonkey)

      That said, I do not have the ActiveX version of Flash installed (which is what this exploit is targeting) and I have Flash set in SeaMonkey so it will ask me before activating any Flash content (meaning I can white list those sites that need Flash). So I should be safe from Flash exploits unless someone hacks the iView site to serve out bogus Flash files I should be safe from Flash related nasties :)

    2. Re:There are _still_ people using Flash Player? by Zontar_Thing_From_Ve · · Score: 2

      Yes. I'm a Starbucks shareholder and this week I got email telling me where to get my electronic copy of their annual report. I like to glance at the annual reports for any stocks I own and read shareholder proposals. I rarely vote to approve those but there have been a few really good ones that I voted for. Imagine my surprise to find that the Starbucks annual report was only available in Flash, not PDF.

    3. Re:There are _still_ people using Flash Player? by DigiShaman · · Score: 2

      I love how the VMWare vSphere client recommends using Flash over the HTML5 interface, even for 6.5.

      1. HTML5 based UI should at least be fully implemented by now.
      2. Flash is, and remains to be absolute ass!
      3. The stand-alone vSphere client was perfect, but doesn't support ESXi 6.5 (only 6.0 and below)
      4. How in the fuck can VMWare code ASM and C++ code, but can't get something like HTML5 right, and fallback on Flash.

      The world sucks!

      --
      Life is not for the lazy.
    4. Re:There are _still_ people using Flash Player? by Eravnrekaree · · Score: 2

      Does Seamonkey sandbox Flash like Chrome does (like Chrome even sandboxes its own content). You think you are being secure but the fact is I bet using seamonkey or palemoon you are actually much worse off than you are with Chrome.

  3. OMFG by NoNonAlphaCharsHere · · Score: 4, Funny

    A Flash SWF file embedded in a MS Word file. What could possibly go wrong?

    1. Re:OMFG by AmiMoJo · · Score: 2

      Better replace it with an ActiveX control ASAP.

      --
      const int one = 65536; (Silvermoon, Texture.cs)
      SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
    2. Re:OMFG by NoNonAlphaCharsHere · · Score: 2

      On further reflection, I'm thinking that the fopen() would probably cause an explosion that would make matter/antimatter look like Alka-Seltzer.

  4. The problem. by Anonymous Coward · · Score: 4, Informative

    The problem is that in China, nearly every video website used Flash-based video players.Also, some major e-banking websites require Flash.
    I do not know the exact reason, but someone said that Flash-based "web apps" are easier to make and Flash is easier to implement DRM (you know those ____ing sites that do not want you to download those videos by any means unless you sign up and pay)

    1. Re:The problem. by jbmartin6 · · Score: 2

      A lot of cloud based security camera systems have the same problem.

      --
      This posting is provided 'AS IS' without warranty of any kind, implied or otherwise.
  5. Re:Great response Adobe by rjune · · Score: 2

    They are getting better. I posted on February 20, 2009 that it took Adobe 18 days to release a patch for a critical flaw. I think this URL will get you to the discussion: https://slashdot.org/comments....

    With regard to Adobe and security flaws, check out this URL: https://en.wikipedia.org/wiki/...